Everything old was new again this week. Ransomware was back in the headlines, hitting an important grain cooperative in Iowa, among other targets. And WIRED sat down with DeSnake, formerly number two at the AlphaBay dark web marketplace, to hear about AlphaBay’s reemergence and relaunch four years after it was taken down by law enforcement. “The AlphaBay name was put in a bad light after the raids,” DeSnake said. “I’m here to make up for it.”
The positive vibes of Groundhog Day continued with the annual release of Apple’s latest mobile operating system, iOS 15. The new operating system comes with lots of privacy features, including more nitty-gritty details about what your apps do, a mechanism to block email trackers, and a kind of VPN-Tor Frankenstein monster called iCloud Private Relay that protects your browsing activity. Use the helpful WIRED guide to get up to speed and start changing some settings.
And if you want a DIY project that isn’t tied to a tech company’s walled garden, we’ve got tips on how to set up your own network-attached storage (NAS), which plugs directly into your router and gives you a place to easily share files between your devices or store backups.
And there’s more! Each week we round up all the security news that WIRED hasn’t covered in depth. Click the headlines to read the full stories, and be safe out there.
A letter to Congress shared with Motherboard shows that the US National Security Agency, the CIA, and other members of the intelligence community are using ad-blocking tools on their networks as a security protection. In the letter, the IC’s chief information officer wrote: “IC has implemented network-based ad blocking technologies and uses information from several layers, including Domain Name System information, to block unwanted and malicious advertising content.”
You can use an ad blocker to make your browsing experience more enjoyable, but the tools also have potential defensive benefits. Attackers who run malicious ads on unscrupulous ad networks or tamper with legitimate-looking ads can steal data or sneak malware onto your device if you click, or sometimes by exploiting web vulnerabilities. The fact that the IC views advertising as an unnecessary risk and even a threat speaks to long-standing problems with the industry. The National Security Agency and the Cybersecurity and Infrastructure Security Agency have issued general guidelines in recent years advising the use of ad blockers as a security protection, but the IC itself has not been required to adopt this measure. Its members voluntarily deployed ad blockers.
The security department of Russian telecom giant Rostelecom took down part of a notorious botnet this week, thanks to a flaw introduced by the developers of the malicious platform. The error allowed Rostelecom to “sinkhole” part of the system. Botnets are zombie armies of malware-infected machines that are centrally controlled to carry out coordinated operations. The platforms are often used for DDoS attacks, in which actors point a fire hose of unwanted traffic at a target’s web systems in an attempt to overload them.
The Meris botnet is currently the largest botnet available to cybercriminals and is believed to consist of about 250,000 systems operating collectively. It has been used against targets in Russia, the United States, and the United Kingdom, among other countries. Rostelecom’s partial takedown is important, because Meris attacks are powerful and difficult for targets to fight. Earlier this month, a Meris attack on Russian tech giant Yandex broke the record for the largest DDoS attack ever. Yandex was able to defend itself against the assault.
European law enforcement authorities in Italy and Spain have arrested 106 people on suspicion of carrying out a large-scale fraud campaign over many years, totaling more than $11.7 million in profits last year alone. Police said this week that the individuals involved had links to an Italian mafia group. The suspects are alleged to have operated phishing schemes, conducted business email scams, launched SIM swap attacks, and generally committed credit card fraud against hundreds of victims. This activity is also allegedly linked to drug trafficking and other property-related crimes. To actually extract money from these digital scams, the suspects allegedly laundered the stolen money through a system of money mules and shell companies. In addition to the arrests, law enforcement has frozen 118 bank accounts and seized computers, SIM cards, 224 credit cards, and an entire cannabis farm in connection with the bust.